Security teams under pressure
Teiss – Brian Martin
A staggering 89% saw an increase in the volume of security alerts over the past 12 months according to a recent Integrity360 survey of over 200 IT security decision makers.
Of these, 76% reported an increase of between 1-50% in alerts and 26% an increase of 26-50%.
On average, teams are dealing with 61 alerts per week, which has risen by almost 30% compared to the same time last year.
Yet this increase in threat activity is not being matched by an increase in resource.
Insufficient budget was named as the top challenge by 31% of those questioned, indicating that many don’t feel there is enough investment, while 20% cited a lack of dedicated IR tools.
Furthermore, almost a quarter (23%) also highlighted the lack of IR skills and experience, revealing that the skills gap is now reaching crisis point.
These deficits are creating mounting pressure on security teams, leading to a higher risk of compromise.
The complexity of the incident was the main focus for information security analysts (37%), followed by lack of board level understanding (33%) and untested incident response plans and processes (26%).
In contrast, for the CIO, after lack of budget (33%) it was lack of tools (30%) and then the complexity of the incident (28%).
This seems to suggest that analysts feel unsupported in terms of the strategic lead coming from the C-suite.
Time is of the essence when it comes to incident response and the pressure to reduce Mean Time to Response (MMTR) saw 40% citing this as the most stressful aspect.
This was followed by the sense of responsibility (31%), taking the right initial steps in response (25%) and ensuring effective communication (25%).
Interestingly, the fear of being wrong (24%) ranked higher than difficulty in diagnosing the incident (22%).
It’s estimated that 41% currently have an internal skills gap when it comes to IR which is trending upwards, from 27% in 2020, 32% in 2021 and 37% in 2022, according to the Cyber security skills in the UK labour market 2023 report.
Link: https://www.teiss.co.uk/culture–people/security-teams-under-pressure?utm_source=newsletter&utm_medium=email&utm_campaign=Weekly%20Newsletter